.\" $OpenBSD: x99token.1,v 1.11 2014/07/09 23:16:10 tedu Exp $
.\"
.\" X9.9 calculator
.\" This software is provided AS IS with no express or implied warranty
.\" October 1995, Paul Borman <prb@krystal.com>
.\"
.\" Donated to the Public Domain by Paul Borman
.\"
.Dd $Mdocdate: July 9 2014 $
.Dt X99TOKEN 1
.Os
.Sh NAME
.Nm x99token
.Nd X9.9 software token calculator
.Sh SYNOPSIS
.Nm x99token
.Op Fl d
.Op Fl k Ar keyfile
.Op Fl n Ar count
.Nm x99token
.Fl i
.Op Fl k Ar keyfile
.Sh DESCRIPTION
The
.Nm x99token
program is a simple X9.9 software token calculator.
The token is initialized by using the
.Fl i
option.
In this mode,
.Nm
requests a key.
The key consists of 8 bytes encoded in either hex or octal.
When encoded in hex the key must consist of 16 hex digits,
no spaces (e.g., "0123456789abcdef").
When encoded in octal the key must consist of 8 3-digit octets,
each separated by exactly one space
(e.g., "001 010 100 002 020 200 003 030").
Once the key is entered, a PIN number is requested.
The PIN number is used to perturb the key before it is stored in a keyfile.
This perturbation is not terribly secure.
You should assume that anyone with access to your
keyfile will also have access to your key.
.Pp
When
.Fl i
is not specified,
.Nm
is in calculator mode.
In this mode you must enter the same PIN as used in the initialization step.
The PIN is used to decode the key read from the keyfile.
Next you enter the challenge you have been presented with.
The
.Nm
program will provide you with a response to the challenge.
If the
.Fl d
option is used, the response will fold any hex digits to decimal.
If a
.Ar count
is specified by
.Fl n ,
it indicates the number of challenges to predict.
The first challenge is always the entered challenge.
By default the value of
.Ar count
is 1, which implies only the entered challenge is resolved.
.Pp
Future challenges are predicted by the following algorithm:
.Bl -bullet -offset indent
.It
Encrypt the current challenge with the shared secret key
.It
AND each byte of the response with 0x0f
.It
Modulo each byte by 10 (0x0a)
.It
ADD 0x30 (ASCII value of '0') to each byte
.El
.Pp
The resulting 8 bytes are all ASCII decimal digits and are the
predicted challenge.
This process may be repeated.
.Sh FILES
.Bl -tag -width $HOME/.keyfile.des -compact
.It Pa $HOME/.keyfile.des
default keyfile
.El
.Sh SEE ALSO
.Xr tokenadm 8 ,
.Xr tokeninit 8
.Sh AUTHORS
.An Paul Borman Aq Mt prb@krystal.com
.Sh CAVEATS
This is a very simple-minded program.
The keyfile should be placed on a flash disk which is kept physically secure.
.Pp
Having not read the X9.9 standard, this may not be a complete or accurate
implementation of the standard.
This software is provided AS IS
with no express or implied warranty.
